airavata-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From anujb...@apache.org
Subject [04/23] airavata git commit: adding iam-admin-services-core files
Date Tue, 02 May 2017 16:49:19 GMT
adding iam-admin-services-core files


Project: http://git-wip-us.apache.org/repos/asf/airavata/repo
Commit: http://git-wip-us.apache.org/repos/asf/airavata/commit/4d497987
Tree: http://git-wip-us.apache.org/repos/asf/airavata/tree/4d497987
Diff: http://git-wip-us.apache.org/repos/asf/airavata/diff/4d497987

Branch: refs/heads/develop
Commit: 4d497987ad58aa5fad2ed0346be7224520bc097d
Parents: 65bb986
Author: Anuj Bhandar <bhandar.anuj@gmail.com>
Authored: Thu Apr 27 13:56:40 2017 -0400
Committer: Anuj Bhandar <bhandar.anuj@gmail.com>
Committed: Thu Apr 27 13:56:40 2017 -0400

----------------------------------------------------------------------
 .../iam-admin-services-core/pom.xml             |  50 +++-
 .../core/impl/TenantManagementKeycloakImpl.java | 253 +++++++++++++++++++
 .../interfaces/TenantManagementInterface.java   |  39 +++
 .../services/core/tests/SetupNewGateway.java    |  73 ++++++
 .../profile-service-server/pom.xml              |   5 +
 .../handlers/IamAdminServicesHandler.java       |  14 +
 .../common/utils/ApplicationSettings.java       |   8 +
 .../airavata/common/utils/ServerSettings.java   |   4 +
 .../main/resources/airavata-server.properties   |   8 +-
 .../iam-admin-services-cpi.thrift               |   2 +-
 10 files changed, 453 insertions(+), 3 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/airavata/blob/4d497987/airavata-services/profile-service/iam-admin-services-core/pom.xml
----------------------------------------------------------------------
diff --git a/airavata-services/profile-service/iam-admin-services-core/pom.xml b/airavata-services/profile-service/iam-admin-services-core/pom.xml
index be7e409..dcf637e 100644
--- a/airavata-services/profile-service/iam-admin-services-core/pom.xml
+++ b/airavata-services/profile-service/iam-admin-services-core/pom.xml
@@ -13,7 +13,55 @@
 
     
     <artifactId>iam-admin-services-core</artifactId>
-    <name>Profile User Core</name>
+    <name>Iam Admin Services</name>
 
+    <dependencies>
+        <dependency>
+            <groupId>commons-httpclient</groupId>
+            <artifactId>commons-httpclient</artifactId>
+            <version>3.1</version>
+        </dependency>
+        <!-- https://mvnrepository.com/artifact/org.apache.httpcomponents/httpclient -->
+        <dependency>
+            <groupId>org.apache.httpcomponents</groupId>
+            <artifactId>httpclient</artifactId>
+            <version>4.5.3</version>
+        </dependency>
+        <!-- https://mvnrepository.com/artifact/javax.ws.rs/javax.ws.rs-api -->
+        <dependency>
+            <groupId>javax.ws.rs</groupId>
+            <artifactId>javax.ws.rs-api</artifactId>
+            <version>2.0.1</version>
+        </dependency>
+        <!-- https://mvnrepository.com/artifact/org.jboss.resteasy/resteasy-client -->
+        <dependency>
+            <groupId>org.jboss.resteasy</groupId>
+            <artifactId>resteasy-client</artifactId>
+            <version>3.1.2.Final</version>
+        </dependency>
+        <!-- https://mvnrepository.com/artifact/org.jboss.resteasy/resteasy-jackson2-provider
-->
+        <dependency>
+            <groupId>org.jboss.resteasy</groupId>
+            <artifactId>resteasy-jackson2-provider</artifactId>
+            <version>3.1.2.Final</version>
+        </dependency>
+        <!-- https://mvnrepository.com/artifact/org.keycloak/keycloak-admin-client -->
+        <!-- https://mvnrepository.com/artifact/org.keycloak/keycloak-admin-client -->
+        <dependency>
+            <groupId>org.keycloak</groupId>
+            <artifactId>keycloak-admin-client</artifactId>
+            <version>2.5.5.Final</version>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.airavata</groupId>
+            <artifactId>airavata-credential-store</artifactId>
+            <version>${project.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.airavata</groupId>
+            <artifactId>profile-service-stubs</artifactId>
+            <version>${project.version}</version>
+        </dependency>
+    </dependencies>
     
 </project>
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/airavata/blob/4d497987/airavata-services/profile-service/iam-admin-services-core/src/main/java/org/apache/airavata/service/profile/iam/admin/services/core/impl/TenantManagementKeycloakImpl.java
----------------------------------------------------------------------
diff --git a/airavata-services/profile-service/iam-admin-services-core/src/main/java/org/apache/airavata/service/profile/iam/admin/services/core/impl/TenantManagementKeycloakImpl.java
b/airavata-services/profile-service/iam-admin-services-core/src/main/java/org/apache/airavata/service/profile/iam/admin/services/core/impl/TenantManagementKeycloakImpl.java
new file mode 100644
index 0000000..f688328
--- /dev/null
+++ b/airavata-services/profile-service/iam-admin-services-core/src/main/java/org/apache/airavata/service/profile/iam/admin/services/core/impl/TenantManagementKeycloakImpl.java
@@ -0,0 +1,253 @@
+/*
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+
+package org.apache.airavata.service.profile.iam.admin.services.core.impl;
+
+import org.apache.airavata.common.exception.ApplicationSettingsException;
+import org.apache.airavata.common.utils.ServerSettings;
+import org.apache.airavata.model.credential.store.PasswordCredential;
+import org.apache.airavata.model.user.UserProfile;
+import org.apache.airavata.model.workspace.Gateway;
+import org.apache.airavata.service.profile.iam.admin.services.core.interfaces.TenantManagementInterface;
+import org.apache.airavata.service.profile.iam.admin.services.cpi.exception.IamAdminServicesException;
+import org.keycloak.admin.client.Keycloak;
+import org.keycloak.admin.client.resource.UserResource;
+import org.keycloak.representations.idm.*;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import javax.ws.rs.core.Response;
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+public class TenantManagementKeycloakImpl implements TenantManagementInterface {
+
+    private final static Logger logger = LoggerFactory.getLogger(TenantManagementKeycloakImpl.class);
+
+    private static Keycloak getClient(String adminUrl, String realm, PasswordCredential AdminPasswordCreds)
{
+
+        return Keycloak.getInstance(
+                            adminUrl,
+                            realm, // the realm to log in to
+                            AdminPasswordCreds.getLoginUserName(), AdminPasswordCreds.getPassword(),
 // the user
+                            "admin-cli"); // admin-cli is the client ID used for keycloak
admin operations.
+    }
+
+    @Override
+    public Gateway addTenant(PasswordCredential isSuperAdminPasswordCreds, Gateway gatewayDetails)
throws IamAdminServicesException {
+        try {
+            // get client
+            Keycloak client = TenantManagementKeycloakImpl.getClient(ServerSettings.getIamServerUrl(),
"master", isSuperAdminPasswordCreds);
+            // create realm
+            RealmRepresentation newRealmDetails = new RealmRepresentation();
+            newRealmDetails.setEnabled(true);
+            newRealmDetails.setId(gatewayDetails.getGatewayId());
+            newRealmDetails.setDisplayName(gatewayDetails.getGatewayName());
+            newRealmDetails.setRealm(gatewayDetails.getGatewayId());
+            RealmRepresentation realmWithRoles = TenantManagementKeycloakImpl.createDefaultRoles(newRealmDetails);
+            client.realms().create(realmWithRoles);
+            return gatewayDetails;
+        } catch (ApplicationSettingsException ex) {
+            logger.error("Error getting values from property file, reason: " + ex.getCause(),
ex);
+            IamAdminServicesException exception = new IamAdminServicesException();
+            exception.setMessage("Error getting Iam server Url from property file, reason:
" + ex.getMessage());
+            throw exception;
+        } catch (Exception ex){
+            logger.error("Error creating Realm in Keycloak Server, reason: " + ex.getCause(),
ex);
+            IamAdminServicesException exception = new IamAdminServicesException();
+            exception.setMessage("Error creating Realm in Keycloak Server, reason: " + ex.getMessage());
+            throw exception;
+        }
+    }
+
+    public static RealmRepresentation createDefaultRoles(RealmRepresentation realmDetails){
+        List<RoleRepresentation> defaultRoles = new ArrayList<RoleRepresentation>();
+        RoleRepresentation adminRole = new RoleRepresentation();
+        adminRole.setName("admin");
+        adminRole.setDescription("Admin role for PGA users");
+        defaultRoles.add(adminRole);
+        RoleRepresentation adminReadOnlyRole = new RoleRepresentation();
+        adminReadOnlyRole.setName("admin-read-only");
+        adminReadOnlyRole.setDescription("Read only role for PGA Admin users");
+        defaultRoles.add(adminReadOnlyRole);
+        RoleRepresentation gatewayUserRole = new RoleRepresentation();
+        gatewayUserRole.setName("gateway-user");
+        gatewayUserRole.setDescription("default role for PGA users");
+        defaultRoles.add(gatewayUserRole);
+        RolesRepresentation rolesRepresentation = new RolesRepresentation();
+        rolesRepresentation.setRealm(defaultRoles);
+        realmDetails.setRoles(rolesRepresentation);
+        return realmDetails;
+    }
+
+    public boolean createTenantAdminAccount(PasswordCredential isSuperAdminPasswordCreds,
Gateway gatewayDetails) throws IamAdminServicesException{
+        try{
+            Keycloak client = TenantManagementKeycloakImpl.getClient(ServerSettings.getIamServerUrl(),
"master", isSuperAdminPasswordCreds);
+            UserRepresentation user = new UserRepresentation();
+            user.setUsername(gatewayDetails.getIdentityServerUserName());
+            user.setFirstName(gatewayDetails.getGatewayAdminFirstName());
+            user.setLastName(gatewayDetails.getGatewayAdminLastName());
+            user.setEmail(gatewayDetails.getGatewayAdminEmail());
+            user.setEnabled(true);
+            List<String> requiredActionList = new ArrayList<>();
+            requiredActionList.add("UPDATE_PASSWORD");
+            user.setRequiredActions(requiredActionList);
+            Response httpResponse = client.realm(gatewayDetails.getGatewayId()).users().create(user);
+            logger.info("Tenant Admin account creation exited with code : " + httpResponse.getStatus()+"
: " +httpResponse.getStatusInfo());
+            if (httpResponse.getStatus() == 201) { //HTTP code for record creation: HTTP
201
+                List<UserRepresentation> retrieveCreatedUserList = client.realm(gatewayDetails.getGatewayId()).users().search(user.getUsername(),
+                        user.getFirstName(),
+                        user.getLastName(),
+                        user.getEmail(),
+                        0, 1);
+                UserResource retrievedUser = client.realm(gatewayDetails.getGatewayId()).users().get(retrieveCreatedUserList.get(0).getId());
+                CredentialRepresentation credential = new CredentialRepresentation();
+                credential.setType(CredentialRepresentation.PASSWORD);
+                credential.setValue(ServerSettings.getGatewayAdminTempPwd());
+                credential.setTemporary(true);
+                retrievedUser.resetPassword(credential);
+                List<ClientRepresentation> realmClients = client.realm(gatewayDetails.getGatewayId()).clients().findAll();
+                String realmManagementClientId=null;
+                for(ClientRepresentation realmClient : realmClients){
+                    if(realmClient.getClientId().equals("realm-management")){
+                        realmManagementClientId = realmClient.getId();
+                    }
+                }
+                retrievedUser.roles().clientLevel(realmManagementClientId).add(retrievedUser.roles().clientLevel(realmManagementClientId).listAvailable());
+                return true;
+            } else {
+                logger.error("Request for Tenant Admin Account Creation failed with HTTP
code : " + httpResponse.getStatus());
+                logger.error("Reason for Tenant Admin account creation failure : " + httpResponse.getStatusInfo());
+                return false;
+            }
+        }catch (ApplicationSettingsException ex) {
+            logger.error("Error getting values from property file, reason: " + ex.getCause(),
ex);
+            IamAdminServicesException exception = new IamAdminServicesException();
+            exception.setMessage("Error getting values from property file, reason " + ex.getMessage());
+            throw exception;
+        }catch (Exception ex){
+            logger.error("Error creating Realm Admin Account in keycloak server, reason:
" + ex.getCause(), ex);
+            IamAdminServicesException exception = new IamAdminServicesException();
+            exception.setMessage("Error creating Realm Admin Account in keycloak server,
reason: " + ex.getMessage());
+            throw exception;
+        }
+    }
+
+    public Gateway configureClient(PasswordCredential isSuperAdminPasswordCreds, Gateway
gatewayDetails) throws IamAdminServicesException{
+        try{
+            Keycloak client = TenantManagementKeycloakImpl.getClient(ServerSettings.getIamServerUrl(),
"master", isSuperAdminPasswordCreds);
+            ClientRepresentation pgaClient = new ClientRepresentation();
+            pgaClient.setName("pga");
+            pgaClient.setClientId("pga");
+            pgaClient.setProtocol("openid-connect");
+            pgaClient.setStandardFlowEnabled(true);
+            pgaClient.setEnabled(true);
+            pgaClient.setAuthorizationServicesEnabled(true);
+            pgaClient.setDirectAccessGrantsEnabled(true);
+            pgaClient.setServiceAccountsEnabled(true);
+            pgaClient.setFullScopeAllowed(true);
+            pgaClient.setClientAuthenticatorType("client-secret");
+            String[] defaultRoles = {"gateway-user"};
+            pgaClient.setDefaultRoles(defaultRoles);
+            List<String> redirectUris = new ArrayList<>();
+            redirectUris.add("http://accord.scigap.org/callback-url");
+            pgaClient.setRedirectUris(redirectUris);
+            pgaClient.setPublicClient(false);
+            Response httpResponse = client.realms().realm(gatewayDetails.getGatewayId()).clients().create(pgaClient);
+            logger.info("Tenant Client configuration exited with code : " + httpResponse.getStatus()+"
: " +httpResponse.getStatusInfo());
+            if(httpResponse.getStatus() == 201){
+                String ClientUUID = client.realms().realm(gatewayDetails.getGatewayId()).clients().findByClientId(pgaClient.getClientId()).get(0).getId();
+                CredentialRepresentation clientSecret = client.realms().realm(gatewayDetails.getGatewayId()).clients().get(ClientUUID).getSecret();
+                gatewayDetails.setOauthClientId(pgaClient.getClientId());
+                gatewayDetails.setOauthClientSecret(clientSecret.getValue());
+                return gatewayDetails;
+            } else {
+                logger.error("Request for Realm Client Creation failed with HTTP code : "
+ httpResponse.getStatus());
+                logger.error("Reason for Realm Client Creation failure : " + httpResponse.getStatusInfo());
+                return null;
+            }
+        }catch (ApplicationSettingsException ex) {
+            logger.error("Error getting values from property file, reason: " + ex.getCause(),
ex);
+            IamAdminServicesException exception = new IamAdminServicesException();
+            exception.setMessage("Error getting values from property file, reason " + ex.getMessage());
+            throw exception;
+        }
+    }
+
+    public boolean createUser(PasswordCredential realmAdminCreds, UserProfile userProfile,
String newPassword) throws IamAdminServicesException{
+        try{
+            Keycloak client = TenantManagementKeycloakImpl.getClient(ServerSettings.getIamServerUrl(),
userProfile.getGatewayId(), realmAdminCreds);
+            UserRepresentation user = new UserRepresentation();
+            user.setUsername(userProfile.getUserId());
+            //ToDo: userProfile donot have firstname and lastname, putting Full name in keycloak's
firstname field.
+            user.setFirstName(userProfile.getUserName());
+            // Always takes the first value
+            List<String> emails = userProfile.getEmails();
+            user.setEmail(emails.get(0));
+            user.setEnabled(false);
+            Response httpResponse = client.realm(userProfile.getGatewayId()).users().create(user);
+            if (httpResponse.getStatus() == 201) { //HTTP code for record creation: HTTP
201
+                List<UserRepresentation> retrieveCreatedUserList = client.realm(userProfile.getGatewayId()).users().search(user.getUsername(),
+                        user.getFirstName(),
+                        user.getLastName(),
+                        user.getEmail(),
+                        0, 1);
+                UserResource retrievedUser = client.realm(userProfile.getGatewayId()).users().get(retrieveCreatedUserList.get(0).getId());
+                CredentialRepresentation credential = new CredentialRepresentation();
+                credential.setType(CredentialRepresentation.PASSWORD);
+                credential.setValue(newPassword);
+                credential.setTemporary(false);
+                retrievedUser.resetPassword(credential);
+            } else {
+                logger.error("Request for user Account Creation failed with HTTP code : "
+ httpResponse.getStatus());
+                logger.error("Reason for user account creation failure : " + httpResponse.getStatusInfo());
+                return false;
+            }
+        }catch (ApplicationSettingsException ex) {
+            logger.error("Error getting values from property file, reason: " + ex.getCause(),
ex);
+            IamAdminServicesException exception = new IamAdminServicesException();
+            exception.setMessage("Error getting values from property file, reason " + ex.getMessage());
+            throw exception;
+        }
+        return false;
+    }
+
+    public boolean enableUserAccount(PasswordCredential realmAdminAccount, UserProfile userDetails)
throws IamAdminServicesException{
+        try{
+            Keycloak client = TenantManagementKeycloakImpl.getClient(ServerSettings.getIamServerUrl(),
userDetails.getGatewayId(), realmAdminAccount);
+            List<String> emails = userDetails.getEmails();
+            List<UserRepresentation> userResourceList = client.realm(userDetails.getGatewayId()).users().search(userDetails.getUserId(),0,1);
+            UserResource userResource = client.realm(userDetails.getGatewayId()).users().get(userResourceList.get(0).getId());
+            UserRepresentation profile = userResource.toRepresentation();
+            profile.setEnabled(true);
+            userResource.update(profile);
+            return true;
+        } catch (ApplicationSettingsException ex) {
+            logger.error("Error getting values from property file, reason: " + ex.getCause(),
ex);
+            IamAdminServicesException exception = new IamAdminServicesException();
+            exception.setMessage("Error getting values from property file, reason " + ex.getMessage());
+            throw exception;
+        }
+    }
+
+}

http://git-wip-us.apache.org/repos/asf/airavata/blob/4d497987/airavata-services/profile-service/iam-admin-services-core/src/main/java/org/apache/airavata/service/profile/iam/admin/services/core/interfaces/TenantManagementInterface.java
----------------------------------------------------------------------
diff --git a/airavata-services/profile-service/iam-admin-services-core/src/main/java/org/apache/airavata/service/profile/iam/admin/services/core/interfaces/TenantManagementInterface.java
b/airavata-services/profile-service/iam-admin-services-core/src/main/java/org/apache/airavata/service/profile/iam/admin/services/core/interfaces/TenantManagementInterface.java
new file mode 100644
index 0000000..b11408a
--- /dev/null
+++ b/airavata-services/profile-service/iam-admin-services-core/src/main/java/org/apache/airavata/service/profile/iam/admin/services/core/interfaces/TenantManagementInterface.java
@@ -0,0 +1,39 @@
+/*
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+
+package org.apache.airavata.service.profile.iam.admin.services.core.interfaces;
+
+import org.apache.airavata.model.credential.store.PasswordCredential;
+import org.apache.airavata.model.workspace.Gateway;
+import org.apache.airavata.service.profile.iam.admin.services.cpi.exception.IamAdminServicesException;
+
+public interface TenantManagementInterface {
+
+    /**
+     * Method to add Identity server tenant for Airavata gateway creation.
+     *
+     * @param isSuperAdminPasswordCreds identity server super admin credentials
+     * @param gatewayDetails gateway details from workspace catalog
+     * @return Realm object.
+     */
+    public Gateway addTenant(PasswordCredential isSuperAdminPasswordCreds, Gateway gatewayDetails)
throws IamAdminServicesException;
+
+}

http://git-wip-us.apache.org/repos/asf/airavata/blob/4d497987/airavata-services/profile-service/iam-admin-services-core/src/test/java/org/apache/airavata/service/profile/iam/admin/services/core/tests/SetupNewGateway.java
----------------------------------------------------------------------
diff --git a/airavata-services/profile-service/iam-admin-services-core/src/test/java/org/apache/airavata/service/profile/iam/admin/services/core/tests/SetupNewGateway.java
b/airavata-services/profile-service/iam-admin-services-core/src/test/java/org/apache/airavata/service/profile/iam/admin/services/core/tests/SetupNewGateway.java
new file mode 100644
index 0000000..85578a8
--- /dev/null
+++ b/airavata-services/profile-service/iam-admin-services-core/src/test/java/org/apache/airavata/service/profile/iam/admin/services/core/tests/SetupNewGateway.java
@@ -0,0 +1,73 @@
+package org.apache.airavata.service.profile.iam.admin.services.core.tests;
+
+
+import org.apache.airavata.model.credential.store.PasswordCredential;
+import org.apache.airavata.model.user.UserProfile;
+import org.apache.airavata.model.workspace.Gateway;
+import org.apache.airavata.service.profile.iam.admin.services.core.impl.TenantManagementKeycloakImpl;
+import org.apache.airavata.service.profile.iam.admin.services.cpi.exception.IamAdminServicesException;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.util.ArrayList;
+import java.util.List;
+
+public class SetupNewGateway {
+
+    private final static Logger logger = LoggerFactory.getLogger(SetupNewGateway.class);
+
+    public static void main(String[] args) {
+        UserRegistration();
+    }
+
+    public static void setUpGateway(){
+        Gateway testGateway = new Gateway();
+        testGateway.setGatewayId("maven.test.gateway");
+        testGateway.setGatewayName("maven test gateway");
+        testGateway.setIdentityServerUserName("mavenTest");
+        testGateway.setGatewayAdminFirstName("Maven");
+        testGateway.setGatewayAdminLastName("Test");
+        testGateway.setGatewayAdminEmail("bhandar.anuj@gmail.com");
+        PasswordCredential superAdminCreds = new PasswordCredential();
+        superAdminCreds.setGatewayId(testGateway.getGatewayId());
+        superAdminCreds.setDescription("test credentials for IS admin creation");
+        superAdminCreds.setLoginUserName("airavataAdmin");
+        superAdminCreds.setPassword("Airavata@123");
+        superAdminCreds.setPortalUserName("superAdmin");
+        TenantManagementKeycloakImpl client = new TenantManagementKeycloakImpl();
+        try {
+            client.addTenant(superAdminCreds, testGateway);
+            if (!client.createTenantAdminAccount(superAdminCreds, testGateway)) {
+                logger.error("Admin account creation failed !!, please refer error logs for
reason");
+            }
+            Gateway gatewayWithIdAndSecret = client.configureClient(superAdminCreds, testGateway);
+            System.out.println(gatewayWithIdAndSecret.getOauthClientId());
+            System.out.println(gatewayWithIdAndSecret.getOauthClientSecret());
+        } catch (IamAdminServicesException ex) {
+            logger.error("Gateway Setup Failed, reason: " + ex.getCause(), ex);
+        }
+    }
+     public static void UserRegistration(){
+         UserProfile user = new UserProfile();
+         user.setUserId("testuser");
+         user.setUserName("Anuj Bhandar");
+         List<String> emails = new ArrayList<>();
+         emails.add("anuj.bhandar@outlook.com");
+         user.setGatewayId("maven.test.gateway");
+         user.setEmails(emails);
+        PasswordCredential tenantAdminCreds = new PasswordCredential();
+         tenantAdminCreds.setGatewayId(user.getGatewayId());
+         tenantAdminCreds.setDescription("test credentials for tenant admin creation");
+         tenantAdminCreds.setLoginUserName("mavenTest");
+         tenantAdminCreds.setPassword("Test@1234");
+         tenantAdminCreds.setPortalUserName("TenantAdmin");
+
+         TenantManagementKeycloakImpl client = new TenantManagementKeycloakImpl();
+         try {
+             client.createUser(tenantAdminCreds,user,"test@123");
+             client.enableUserAccount(tenantAdminCreds,user);
+         } catch (IamAdminServicesException e) {
+             e.printStackTrace();
+         }
+     }
+}

http://git-wip-us.apache.org/repos/asf/airavata/blob/4d497987/airavata-services/profile-service/profile-service-server/pom.xml
----------------------------------------------------------------------
diff --git a/airavata-services/profile-service/profile-service-server/pom.xml b/airavata-services/profile-service/profile-service-server/pom.xml
index bd51318..9163929 100644
--- a/airavata-services/profile-service/profile-service-server/pom.xml
+++ b/airavata-services/profile-service/profile-service-server/pom.xml
@@ -49,6 +49,11 @@
             <artifactId>airavata-messaging-core</artifactId>
             <version>${project.version}</version>
         </dependency>
+        <dependency>
+            <groupId>org.apache.airavata</groupId>
+            <artifactId>iam-admin-services-core</artifactId>
+            <version>${project.version}</version>
+        </dependency>
     </dependencies>
     
 </project>
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/airavata/blob/4d497987/airavata-services/profile-service/profile-service-server/src/main/java/org/apache/airavata/service/profile/handlers/IamAdminServicesHandler.java
----------------------------------------------------------------------
diff --git a/airavata-services/profile-service/profile-service-server/src/main/java/org/apache/airavata/service/profile/handlers/IamAdminServicesHandler.java
b/airavata-services/profile-service/profile-service-server/src/main/java/org/apache/airavata/service/profile/handlers/IamAdminServicesHandler.java
index 113bf3f..311e831 100644
--- a/airavata-services/profile-service/profile-service-server/src/main/java/org/apache/airavata/service/profile/handlers/IamAdminServicesHandler.java
+++ b/airavata-services/profile-service/profile-service-server/src/main/java/org/apache/airavata/service/profile/handlers/IamAdminServicesHandler.java
@@ -21,9 +21,11 @@
 
 package org.apache.airavata.service.profile.handlers;
 
+import org.apache.airavata.model.credential.store.PasswordCredential;
 import org.apache.airavata.model.error.AuthorizationException;
 import org.apache.airavata.model.security.AuthzToken;
 import org.apache.airavata.model.workspace.Gateway;
+import org.apache.airavata.service.profile.iam.admin.services.core.impl.TenantManagementKeycloakImpl;
 import org.apache.airavata.service.profile.iam.admin.services.cpi.IamAdminServices;
 import org.apache.airavata.service.profile.iam.admin.services.cpi.iam_admin_services_cpiConstants;
 import org.apache.airavata.service.profile.iam.admin.services.cpi.exception.IamAdminServicesException;
@@ -49,6 +51,18 @@ public class IamAdminServicesHandler implements IamAdminServices.Iface
{
 
     @Override
     public String setUpGateway(AuthzToken authzToken, Gateway gateway) throws IamAdminServicesException,
AuthorizationException {
+        PasswordCredential isSuperAdminCredentials = new PasswordCredential();
+        TenantManagementKeycloakImpl keycloakclient = new TenantManagementKeycloakImpl();
+        try{
+            keycloakclient.addTenant(isSuperAdminCredentials,gateway);
+            if(!keycloakclient.createTenantAdminAccount(isSuperAdminCredentials,gateway)){
+                logger.error("Admin account creation failed !!, please refer error logs for
reason");
+            }
+            Gateway gatewayWithIdAndSecret = keycloakclient.configureClient(isSuperAdminCredentials,gateway);
+            //return gatewayWithIdAndSecret;
+        } catch (IamAdminServicesException ex){
+            logger.error("Gateway Setup Failed, reason: " + ex.getCause(), ex);
+        }
         return null;
     }
 }

http://git-wip-us.apache.org/repos/asf/airavata/blob/4d497987/modules/commons/src/main/java/org/apache/airavata/common/utils/ApplicationSettings.java
----------------------------------------------------------------------
diff --git a/modules/commons/src/main/java/org/apache/airavata/common/utils/ApplicationSettings.java
b/modules/commons/src/main/java/org/apache/airavata/common/utils/ApplicationSettings.java
index 5c438f3..63fb7b0 100644
--- a/modules/commons/src/main/java/org/apache/airavata/common/utils/ApplicationSettings.java
+++ b/modules/commons/src/main/java/org/apache/airavata/common/utils/ApplicationSettings.java
@@ -433,6 +433,14 @@ public class ApplicationSettings {
         return getSetting(ServerSettings.PROFILE_SERVICE_SERVER_PORT);
     }
 
+    public static String getIamServerUrl() throws ApplicationSettingsException {
+        return getSetting(ServerSettings.IAM_SERVER_URL);
+    }
+
+    public static String getGatewayAdminTempPwd() throws ApplicationSettingsException {
+        return getSetting(ServerSettings.NEW_GATEWAY_ADMIN_TEMP_PASSWORD);
+    }
+
     /**
      * @deprecated use {{@link #getSetting(String)}}
      * @return

http://git-wip-us.apache.org/repos/asf/airavata/blob/4d497987/modules/commons/src/main/java/org/apache/airavata/common/utils/ServerSettings.java
----------------------------------------------------------------------
diff --git a/modules/commons/src/main/java/org/apache/airavata/common/utils/ServerSettings.java
b/modules/commons/src/main/java/org/apache/airavata/common/utils/ServerSettings.java
index b75ac27..1606d69 100644
--- a/modules/commons/src/main/java/org/apache/airavata/common/utils/ServerSettings.java
+++ b/modules/commons/src/main/java/org/apache/airavata/common/utils/ServerSettings.java
@@ -133,6 +133,10 @@ public class ServerSettings extends ApplicationSettings {
     public static final String PROFILE_SERVICE_SERVER_HOST = "profile.service.server.host";
     public static final String PROFILE_SERVICE_SERVER_PORT = "profile.service.server.port";
 
+    // Iam Server Constants
+    public static final String IAM_SERVER_URL = "iam.server.url";
+    public static final String NEW_GATEWAY_ADMIN_TEMP_PASSWORD="new.gateway.admin.temp.password";
+
     /* Caching */
     private static final String SESSION_CACHE_ACCESS_TIME_OUT = "ssh.session.cache.access.timeout";
 

http://git-wip-us.apache.org/repos/asf/airavata/blob/4d497987/modules/configuration/server/src/main/resources/airavata-server.properties
----------------------------------------------------------------------
diff --git a/modules/configuration/server/src/main/resources/airavata-server.properties b/modules/configuration/server/src/main/resources/airavata-server.properties
index e7ee862..839b31d 100644
--- a/modules/configuration/server/src/main/resources/airavata-server.properties
+++ b/modules/configuration/server/src/main/resources/airavata-server.properties
@@ -365,4 +365,10 @@ profile.service.jdbc.driver=org.apache.derby.jdbc.ClientDriver
 #profile.service.jdbc.driver=com.mysql.jdbc.Driver
 profile.service.jdbc.user=airavata
 profile.service.jdbc.password=airavata
-profile.service.validationQuery=SELECT 1
\ No newline at end of file
+profile.service.validationQuery=SELECT 1
+
+###########################################################################
+# Iam Admin services Configuration
+###########################################################################
+iam.server.url=https://iam.scigap.org/auth
+new.gateway.admin.temp.password=Password@123
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/airavata/blob/4d497987/thrift-interface-descriptions/service-cpis/profile-service/iam-admin-services/iam-admin-services-cpi.thrift
----------------------------------------------------------------------
diff --git a/thrift-interface-descriptions/service-cpis/profile-service/iam-admin-services/iam-admin-services-cpi.thrift
b/thrift-interface-descriptions/service-cpis/profile-service/iam-admin-services/iam-admin-services-cpi.thrift
index 1ae7dfb..ee00165 100644
--- a/thrift-interface-descriptions/service-cpis/profile-service/iam-admin-services/iam-admin-services-cpi.thrift
+++ b/thrift-interface-descriptions/service-cpis/profile-service/iam-admin-services/iam-admin-services-cpi.thrift
@@ -39,7 +39,7 @@ service IamAdminServices {
                        throws (1: iam_admin_services_cpi_errors.IamAdminServicesException
Idse,
                                2: airavata_errors.AuthorizationException ae)
 
-    string setUpGateway (1: required security_model.AuthzToken authzToken,
+    workspace_model.Gateway setUpGateway (1: required security_model.AuthzToken authzToken,
                        2: required workspace_model.Gateway gateway)
                     throws (1: iam_admin_services_cpi_errors.IamAdminServicesException Idse,
                             2: airavata_errors.AuthorizationException ae)


Mime
View raw message